The machine emulator has been abused in at least two different campaigns distributing ransomware and remote access tools.
The post Hackers Abuse QEMU for Defense Evasion appeared first on SecurityWeek.
The malware is configured to operate on systems associated with Israeli water treatment and desalination plants.
The post ZionSiphon Malware Targets ICS in Water Facilities appeared first on SecurityWeek.
Published through five accounts, the extensions appear to be part of a coordinated campaign based on shared C&C infrastructure.
The post 100 Chrome Extensions Steal User Data, Create Backdoor appeared first on SecurityWeek.
Researchers found adware capable of killing cybersecurity products and pushing more dangerous payloads to infected systems.
The post $10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks appeared first on SecurityWeek.
Download links were replaced by a Russian-speaking threat actor to distribute a recently emerged malware named STX RAT.
The post CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads appeared first on SecurityWeek.
The malware mimics the legitimate Anthropic installation, relies on DLL sideloading, and cleans up after itself.
The post Fake Claude Website Distributes PlugX RAT appeared first on SecurityWeek.
Focused on persistence, the botnet does not engage in widespread infection and avoids blacklisted IPs and critical infrastructure entities.
The post Evasive Masjesu DDoS Botnet Targets IoT Devices appeared first on SecurityWeek.
The APT28 threat group exploited vulnerable TP-Link and MikroTik routers to conduct adversary-in-the-middle (AitM) attacks.
The post US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking appeared first on SecurityWeek.
Hackers published 36 NPM packages posing as Strapi plugins to execute shells, escape containers, and harvest credentials.
The post Guardarian Users Targeted With Malicious Strapi NPM Packages appeared first on SecurityWeek.
Other noteworthy stories that might have slipped under the radar: Symantec vulnerability, anti-ClickFix mechanism added to macOS, FBI hack classified as major incident.
The post In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware appeared first on SecurityWeek.